The new General Regulation on the Protection of Personal Data – Regulation No. 2016/679 of the European Parliament and of the Council of 27 April 2016 – entered into force on 25 May 2018. This regulation lays down the rules on the protection, processing and free movement of personal data of natural persons and applies directly to all entities that process these data in any European Union Member State, including Portugal.
Domingos De Sousa & Filhos, S.A., hereinafter referred to as “DSF”, registered with the social security under No. 20010188968 and NCPI No. 500641269 registered with the Commercial Registry of Guimarães under No. 1192, with its headquarters in Rua da Igreja Nova, parish of Gandarela, municipality of Guimarães, adopts the levels of security and data protection lawfully required in order to ensure respect for the personal information and privacy of its users.
• Personal data, information relating to an identified or identifiable natural person (‘data subject’); an identifiable person is considered to be identifiable, directly or indirectly, in particular by reference to an identifier, such as a name, an identification number, location data, electronic identifiers or one or more specific elements of the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
• Processing, an operation or a set of operations carried out on personal data or on personal data sets by automated or non-automated means such as collection, registration, organisation, structuring, retention, adaptation or alteration, recovery, consultation, use, disclosure by transmission, dissemination or any other form of disclosure, comparison or interconnection, limitation, deletion or destruction;
• Limitation of processing, the insertion of a mark in the personal data preserved with the aim of limiting their processing in the future;
• Entity responsible for the processing, the natural or legal person, the public authority, the agency or other body which, individually or in conjunction with others, determines the purposes and means of processing personal data; where the purposes and means of such processing are determined by the Union or Member State law, the entity responsible for the processing or the specific criteria applicable to its appointment may be laid down by Union or Member State law;
• Consent of data subjects, a free, specific, informed and explicit expression of will, by which the data subjects accept, by means of a declaration or an unequivocal positive act, the processing of their personal data.
*Article 4, Chapter I, Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016
Who is responsible for processing personal data?
DSF is the entity responsible for processing personal data, namely for the collection, registration, organisation, structuring, conservation, rectification, use, dissemination and deletion of data.
What personal data do we collect?
DSF collects and processes the necessary personal data, processing data such as name and email.
The personal data collected are processed by computer in strict compliance with the legislation on the protection of personal data and are stored in a specific database. Under no circumstances will the data collected be used for any purpose other than that for which the consent was given by the data subject. All data provided by users are stored on DSF secure servers.
The data provided in the relationship entered into with DSF are processed in accordance with the law, in particular:
• “Processed in a fair and lawful manner;
• Collected for specific, explicit and legitimate purposes and are not processed in a manner incompatible with those purposes;
• Appropriate, relevant and limited to the minimum necessary for the purposes for which they are processed;
• Accurate and updated whenever necessary; all reasonable measures should be taken to ensure that inaccurate data, given the purposes for which they are processed, are deleted or rectified without delay;
• Preserved in such a way as to enable data subjects to be identified only during the period necessary for the purposes for which they are processed;
• Processed in such a way as to ensure their adequate security, including protection against their unauthorised or unlawful processing and against accidental loss, destruction or damage by resorting to appropriate technical or organisational measures.”
What are the purposes for collecting personal data and what is the basis for their processing (purpose limitation)?
In general, the personal data collected are intended for professional contact between the user and DSF.
Personal data collected by DSF are not shared with third parties without the user’s consent.
How long do we keep personal data?
The length of time during which the data are stored and preserved varies according to the purpose for which the information is processed.
However, there are legal requirements that oblige us to retain the data for a minimum period of time. As long as there is no specific legal requirement, data shall be stored and preserved only for the minimum period necessary for the purposes for which they were collected or later processed, after which they shall be deleted.
What are the rights of data subjects?
Data subjects have the following rights: the right to access, rectification and deletion, the right to deletion of their personal data (“right to be forgotten”), the right to limit their processing, the right to data portability, the right to opposition and automated individual decisions, at all times. In order to exercise their rights, users must send the request to the email address: dsousa@domingossousa.
– Right of access of the data subjects to their personal data (Article 15)
• “Data subjects have the right to know whether or not their personal data are processed and, if so, the right to access their personal data and the following information: the purposes, categories of personal data, recipients or categories of recipients to whom the data have been or will be disclosed, and the period of retention of personal data (if possible).”
– Right of rectification (Article 16)
• “Data subjects have the right to rectify their inaccurate personal data and the right to complete their personal data if they are incomplete.”
– Right to delete data (Article 17)
• “Data holders have the right to request the entity responsible for the processing to delete their personal data, provided that there are no valid grounds for their preservation.”
– Right to limit processing (Article 18)
• “Data holders have the right to request the entity responsible for processing their data to limit their processing.”
– Obligation to inform of the correction or deletion of personal data or limitation of processing
• “The entity responsible for processing shall inform each recipient to whom personal data have been transmitted of any correction or erasure of personal data or limitation of processing. If data subjects so request, the entity responsible for the processing shall inform them of those recipients.”
– Right of data portability
• “Data subjects have the right to receive their personal data.”
– Right of opposition and automated individual decisions
• “Data holders have the right to object to the processing of their personal data at any time, on grounds relating to their particular situation.”
What security measures have been adopted?
DSF agrees to ensure the protection of the security of the personal data made available to it.
Bearing in mind the concern that DSF states in defending privacy issues, technical and organisational security measures have been adopted in order to protect the personal data provided to it against its disclosure, misplacement, misuse, alteration, processing or unauthorised access as well as against any other form of illicit processing.
Online Litigation Resolution
In the event of a legal dispute, the consumer may use an Alternative Dispute Resolution Entity.
Alternative Dispute Resolution Entities, in accordance with law no. 144/2015, from September 8th:
ARBITRATION CENTERS OF GENERIC COMPETENCE
National Center for Information and Arbitration of Consumer Conflicts
It operates throughout the national territory, in areas not covered by another arbitration centers with regional jurisdiction.
Faculdade de Direito da Universidade Nova de Lisboa
Campus de Campolide
Tel.: 213 847 484
Centro de Arbitragem de Conflitos de Consumo do Vale do Ave / Tribunal Arbitral
Área geográfica de abrangência: Contratos celebrados nos municípios de Cabeceiras de Basto, Fafe, Felgueiras, Guimarães, Póvoa de Lanhoso, Póvoa de Varzim, Santo Tirso, Trofa, Vila do Conde, Vila Nova de Famalicão, Vizela e Vieira do Minho.
Contactos Endereço postal: Rua Capitão Alfredo Guimarães, n.º 1, 4800-019, Guimarães
Tel.: 253 422 410
More information on Portal do Consumidor www.consumidor.pt
If you continue to browse, you are giving your consent to the acceptance of such cookies as well as our Cookies’ Policy.
WHAT ARE COOKIES?
Cookies are small text files written to your device when you access websites.
These allow the storage of a set of user-related information, some of which is used to recognize the user in future visits to our website, and others are used to guarantee that all features work properly, improving the user’s experience and performance on the website.
The type of information that can be analyzed using cookies is as follows: user name, email address and password, the internet protocol address (IP) that is used to connect to the internet, the type and version of browser, the operating system and platform used for the connection, the web addresses (URLs) from which or through which you have accessed and left our services online, and the date and time of such activity, amongst others.
Website cookies may be disabled or managed at any time. To find out how to do this go to the “Help” area of your Browser.
Warning: It’s important to note that some areas of the website may not work properly after cookies are disabled.
PURPOSE OF THE COOKIES?
Therefore, they allow to eliminate some repetitive actions on the website, as well as assist in the presentation of information, to meet your needs and expectations.
TYPES OF COOKIES USED
Cookies are segmented according to their purpose and expiration date.
“Strictly needed Cookies” are key elements of access to certain areas of the website, such as access to secure areas of the website through login and password. By disabling cookies, the same services may not be used accordingly.
“Feature Cookies” memorize the browsing preferences of the user.
“Analytical Cookies” allow the memorization of how a website is navigated, to present products or services that meet the user’s needs and expectations, through the monitoring of the website. Examples of these are the ones that keep the most visited pages, the time in each page, the products or services searched, etc. These cookies store statistical information.